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What Is Claimed Is: 

An information security system comprising: 

a plurality of trusted Authorities configurable in a rooted hierarchical structure 
including at least one of the trusted authorities being a superior authority and at least one 
of the trusted authorities beinglsubordinate authorities; and 

the superior authority operative to generate inter trusted authority trust 
modification data to dynamically vary validation starting authorities among the 
subordinate authorities. 
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2. The system of claim 1 wherein at least one of the subordinate authorities includes 
a certificate issuer operatively responsive to the inter trusted authority modification data 
for issuing certificates for at least pne subscriber based on the inter trusted authority 
modification data. 
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3. The system of claim 1 wheiein at least one of the subordinate authorities includes 
a subscriber trust anchor specifier, operatively responsive to the inter trusted authority 
modification data, that generates tript anchor modification data for a plurality of 
subscribers. 
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4. The system of claim 3 wherein the trust anchor modification data includes 
subordinate trust anchor data representing at least one trust anchor different from a local 
trust authority. 
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5. The system of claim 1 whereim the superior authority includes a trust anchor 
modification data certificate issuer thai provides the trust anchor modification data as a 
signed data structure for the subordinate authorities. 
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6. The Astern of claim 1 wherein the trust anchor modification data includes 
data representing at l^ast one of: scope of certification data, subordinate authority cross- 
certification allowance data, subordinate authority certification rule data, subordinate 
authority password rule data, subscriber trust anchor rule data and subscriber password 
rule data, certificate expify policy, subscriber algorithm policy, and policy control 
message data. 



7. The system of claim u wherein one of the trusted authorities is a root authority. 

10 8. The system of claim ^including subordinate authority memory containing data 
representing validation starting\ authority data, wherein the data is stored in response to 
receiving the inter trusted authonty trust modification data. 
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9. An information security system comprising: 

a plurality of trusted authorities configurable in a rooted hierarchical structure 
including at least one of the trusted authorities being a superior authority and at least one 
of the trusted authorities being subordinate authorities; 

the superfbr authority operative to generate policy control message data to 
dynamically vary nolicy control data to facilitate trust authority policy delegation among 
the subordinate authorities wherein the policy control data includes inter trusted authority 
trust modification daia to dynamically vary validation starting authorities among the 
subordinate authorities; and 

wherein at least one of the subordinate authorities includes a certificate issuer 
operatively responsiveuo the inter trusted authority modification data for issuing 
certificates for at least one subscriber based on the inter trusted authority modification 
data and further includes a subscriber trust anchor specifier, operatively responsive to the 
inter trusted authority modification data, that generates trust anchor modification data for 
a plurality of subscribers. 
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10. The system of claiiA 9 wherein the trust anchor modification data includes 
subordinate trust anchor datp representing at least one trust anchor different from a local 
trust authority. 

1 1 . The system of claim 10 wherein the superior authority includes a trust anchor 
modification data certificate issuer that provides the trust anchor modification data as a 
signed data structure for the subordinate authorities. 
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The system of claim 9 wherein the trust anchor modification data includes data 
representing at least one if: scope of certification data, subordinate authority 
cross-certification allowance data, subordinate authority certification rule data, 
subordinate authority password rule data, subscriber trust anchor rule data and 
subscriber password rule data, certificate expiry policy, subscriber algorithm 
policy, and policy control message data. 



15 



« • 



13. The system of claim 12 wherein one of the trusted authorities is a root authority. 

14. The system of claim 13 including subordinate authority memory containing data 
representing validation starting authority data, wherein the data is stored in response to 
receiving the inter trusted authority trust modification data. 
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15. A method 
providing 
structure includin 



for providing information security comprising: 
a plurality of trusted authorities configurable in a rooted hierarchical 
g at least one of the trusted authorities being a superior authority and at 



least one of the trusted authorities being subordinate authorities; and 

generating inter trusted authority trust modification data to dynamically vary 
validation starting authorities among the subordinate authorities. 



16. The method of claim 15 including issuing certificates for at least one subscriber 
based on the inter trusted authority modification data. 

17. The method oficlaim 15 including generating trust anchor modification data for a 
plurality of subscribers. 

18. The method of claim 17 wherein the trust anchor modification data includes 
subordinate trust anchor data representing at least one trust anchor different from a local 
trust authority. 

19. The method of dlaim 15 including the step of providing the trust anchor 
modification data as a signed data structure for the subordinate authorities. 

20. The method of claim 15 wherein the trust anchor modification data includes data 
representing at least one of: scope of certification data, subordinate authority 
cross-certification allowance data, subordinate authority certification rule data, 
subordinate authority password rule data, subscriber trust anchor rule data and 
subscriber password rule data, certificate expiry policy, subscriber algorithm 
policy, and policy qontrol message data. 



2 1 . The method of claim 1 5 including the step of storing data representing validation 
starting authority data, in response to receiving the inter trusted authority trust 
modification data. 
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